From d3ec9a066989f11089020823749a9cc38a8c4346 Mon Sep 17 00:00:00 2001
From: Chris Allard <lyon.allard.chris@gmail.com>
Date: Thu, 11 Jul 2013 11:19:11 +0200
Subject: [PATCH] API method: user.delete(id).

---
 src/api.js        | 33 +++++++++++++++++++++++++++++++--
 src/collection.js |  2 +-
 2 files changed, 32 insertions(+), 3 deletions(-)

diff --git a/src/api.js b/src/api.js
index 6f2dbf89d..138204793 100644
--- a/src/api.js
+++ b/src/api.js
@@ -225,8 +225,34 @@ Api.fn.user = {
 		});
 	},
 
-	'delete': function () {
-		throw Api.err.NOT_IMPLEMENTED;
+	'delete': function (session, req) {
+		var p_id = req.params.id;
+		if (undefined === p_id)
+		{
+			throw Api.err.INVALID_PARAMS;
+		}
+
+		var user_id = session.get('user_id');
+		if (undefined === user_id)
+		{
+			throw Api.err.UNAUTHORIZED;
+		}
+
+		return this.users.get(user_id).then(function (user) {
+			if (!user.hasPermission('admin'))
+			{
+				throw Api.err.UNAUTHORIZED;
+			}
+
+			return this.users.remove(p_id).then(function (success) {
+				if (!success)
+				{
+					throw Api.err.NO_SUCH_OBJECT;
+				}
+
+				return true;
+			});
+		});
 	},
 
 	'changePassword': function () {
@@ -274,6 +300,8 @@ Api.fn.user = {
 
 			return users.get(p_id);
 		}).then(function (user) {
+			// @todo Check user exists.
+
 			// Gets the user to update.
 
 			// @todo Check undefined value are ignored.
@@ -327,6 +355,7 @@ Api.fn.token = {
 				throw Api.err.INVALID_PARAMS;
 			}
 
+			// @todo Returns NO_SUCH_OBJECT if the token does not exists.
 			return tokens.remove(p_token).then(true);
 		});
 	},
diff --git a/src/collection.js b/src/collection.js
index 8827d3265..c5c974160 100644
--- a/src/collection.js
+++ b/src/collection.js
@@ -116,7 +116,7 @@ Collection.prototype.remove = function (ids) {
 
 	// @todo Maybe return a more meaningful value.
 	/* jshint newcap: false */
-	return Q(true);
+	return Q(true); // @todo Returns false if it fails.
 };
 
 /**